CCE-97632-4| Platform: cpe:/o:microsoft:windows_server_2022:::x64 | Date: (C)2022-06-07 (M)2023-07-04 |
This setting lets you decide whether employees can override the SmartScreen Filter warnings about potentially malicious websites.
Turning this setting on stops employees from ignoring the SmartScreen Filter warnings and blocks them from going to the site.
Turning this setting off, or not configuring it, lets employees ignore the SmartScreen Filter warnings about potentially malicious websites and to continue to the site.
Countermeasure:
Enable this setting.
Potential Impact:
Users may not be able to go to websites or content that SmartScreen considers malicious or dangerous.
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\Don t allow SmartScreen Filter warning overrides
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverride
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.6 | Attack Vector: NETWORK |
| Exploit Score: 2.8 | Attack Complexity: LOW |
| Impact Score: 4.7 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: LOW |
| | Availability: LOW |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:81005 |
